prepare app migration to db.lasereverything.net
- remove hardcoded makearmy.io references - convert utilities to relative paths - fix external link detection - add svgnest middleware rule - update background remover navigation
This commit is contained in:
parent
e08d4d81b3
commit
3614acd297
3 changed files with 208 additions and 73 deletions
|
|
@ -6,7 +6,7 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
* Everything else is considered protected (including most /api/*).
|
||||
*/
|
||||
const PUBLIC_PAGES = new Set<string>([
|
||||
"/", // splash page is public
|
||||
"/", // splash page is public
|
||||
"/auth/sign-in",
|
||||
"/auth/sign-up",
|
||||
]);
|
||||
|
|
@ -16,15 +16,19 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
* Keep this list tiny; add broad /api/webhooks to allow ALL webhook endpoints.
|
||||
*/
|
||||
const PUBLIC_API_PREFIXES: string[] = [
|
||||
"/api/auth", // login/refresh/callback endpoints
|
||||
"/api/files/list", // read-only file endpoints
|
||||
"/api/auth", // login/refresh/callback endpoints
|
||||
"/api/files/list", // read-only file endpoints
|
||||
"/api/files/raw",
|
||||
"/api/files/download",
|
||||
"/api/webhooks", // ← allow ALL webhooks (e.g. /api/webhooks/kofi, /api/webhooks/*)
|
||||
"/api/webhooks", // allow ALL webhook endpoints
|
||||
];
|
||||
|
||||
/** Directus base (used to remotely validate the token after restarts). */
|
||||
const DIRECTUS = (process.env.NEXT_PUBLIC_API_BASE_URL || process.env.DIRECTUS_URL || "").replace(/\/$/, "");
|
||||
const DIRECTUS = (
|
||||
process.env.NEXT_PUBLIC_API_BASE_URL ||
|
||||
process.env.DIRECTUS_URL ||
|
||||
""
|
||||
).replace(/\/$/, "");
|
||||
|
||||
type MapResult = { pathname: string; query?: Record<string, string> };
|
||||
|
||||
|
|
@ -73,11 +77,9 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
|
||||
const res = NextResponse.redirect(url);
|
||||
|
||||
// Only clear auth markers in true re-auth scenarios
|
||||
if (wantReauth) {
|
||||
res.cookies.set("ma_at", "", { maxAge: 0, path: "/" });
|
||||
res.cookies.set("ma_v", "", { maxAge: 0, path: "/" }); // throttle marker
|
||||
// res.cookies.set("ma_rt", "", { maxAge: 0, path: "/" }); // if you use refresh tokens
|
||||
res.cookies.set("ma_v", "", { maxAge: 0, path: "/" });
|
||||
}
|
||||
|
||||
return res;
|
||||
|
|
@ -87,13 +89,12 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
const url = req.nextUrl.clone();
|
||||
const { pathname } = url;
|
||||
|
||||
// ── -1) Always allow ALL webhook endpoints (no mapping, no gating, no redirects)
|
||||
// This lets external providers (Ko-fi, Patreon, etc.) POST without auth.
|
||||
// ── -1) Always allow ALL webhook endpoints
|
||||
if (pathname === "/api/webhooks" || pathname.startsWith("/api/webhooks/")) {
|
||||
return NextResponse.next();
|
||||
}
|
||||
|
||||
// ── 0) Root must never redirect (no mapping, no gating).
|
||||
// ── 0) Root must never redirect
|
||||
if (pathname === "/") return NextResponse.next();
|
||||
|
||||
// ── 1) Legacy → Portal mapping (before auth gating)
|
||||
|
|
@ -113,7 +114,8 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
|
||||
const forceAuth =
|
||||
isAuthRoute &&
|
||||
(url.searchParams.get("reauth") === "1" || url.searchParams.get("force") === "1");
|
||||
(url.searchParams.get("reauth") === "1" ||
|
||||
url.searchParams.get("force") === "1");
|
||||
|
||||
if (!token && isProtected) {
|
||||
return kickToSignIn(req, { reauth: false });
|
||||
|
|
@ -174,20 +176,21 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
function legacyMap(pathname: string): MapResult | null {
|
||||
if (pathname === "/" || pathname.startsWith("/portal")) return null;
|
||||
|
||||
// detail mappings elided for brevity…
|
||||
|
||||
const listRules: Array<[RegExp, MapResult]> = [
|
||||
[/^\/background-remover\/?$/i, { pathname: "/portal/utilities", query: { t: "background-remover" } }],
|
||||
[/^\/laser-toolkit\/?$/i, { pathname: "/portal/utilities", query: { t: "laser-toolkit" } }],
|
||||
[/^\/files\/?$/i, { pathname: "/portal/utilities", query: { t: "files" } }],
|
||||
[/^\/buying-guide\/?$/i, { pathname: "/portal/buying-guide" }],
|
||||
[/^\/lasers\/?$/i, { pathname: "/portal/laser-sources" }],
|
||||
[/^\/projects\/?$/i, { pathname: "/portal/projects" }],
|
||||
[/^\/my\/rigs\/?$/i, { pathname: "/portal/rigs", query: { t: "my" } }],
|
||||
[/^\/svgnest\/?$/i, { pathname: "/portal/utilities", query: { t: "svgnest" } }],
|
||||
[/^\/laser-toolkit\/?$/i, { pathname: "/portal/utilities", query: { t: "laser-toolkit" } }],
|
||||
[/^\/files\/?$/i, { pathname: "/portal/utilities", query: { t: "files" } }],
|
||||
[/^\/buying-guide\/?$/i, { pathname: "/portal/buying-guide" }],
|
||||
[/^\/lasers\/?$/i, { pathname: "/portal/laser-sources" }],
|
||||
[/^\/projects\/?$/i, { pathname: "/portal/projects" }],
|
||||
[/^\/my\/rigs\/?$/i, { pathname: "/portal/rigs", query: { t: "my" } }],
|
||||
];
|
||||
|
||||
for (const [re, dest] of listRules) {
|
||||
if (re.test(pathname)) return dest;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
@ -208,10 +211,11 @@ import { NextResponse, NextRequest } from "next/server";
|
|||
if (pathname.startsWith("/api/")) {
|
||||
return startsWithAny(pathname, PUBLIC_API_PREFIXES);
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
// Match all except the usual static assets; webhooks are handled above.
|
||||
// Match all except the usual static assets
|
||||
export const config = {
|
||||
matcher: ["/((?!_next/static|_next/image|favicon.ico|robots.txt|sitemap.xml|images|static).*)"],
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue